3 matches found
programcentrum.se XSS vulnerability
Open Bug Bounty ID: OBB-627392 Description| Value ---|--- Affected Website:| programcentrum.se Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
DUware DUforum 3.0/3.1 userEdit.asp id Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/14035/info DUforum is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries. A successful exploit could allow an attacker to...
CVE-2005-2048
Multiple SQL injection vulnerabilities in DUware DUforum 3.1, and possibly other versions, allow remote attackers to execute arbitrary SQL commands via the 1 iMsg parameter to messages.asp, iFor parameter to 2 post.asp or 3 forums.asp, or 4 id parameter to userEdit.asp. NOTE: vectors 1 and 3 were...